urlscan.io logo urlscan.io
SecurityTrails logo

tracking.s24.com Open in urlscan Pro
2a00:12c0:101b:200::19  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://paradmountplus.com/
Effective URL: https://tracking.s24.com/v3/proceed?cor_b=CiQ3YTgzODVjNC0yNzkzLTQ2MjgtYTQ4My1kNWNjMDdhOWU5MDgaCDEwMTE4ZDhjIKAoKIXAk7AGMgk...
Submission: On December 07 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 10 HTTP transactions. The main IP is 2a00:12c0:101b:200::19, located in Germany and belongs to FILOO-ASN Rhedaer Strasse 25, DE. The main domain is tracking.s24.com.
TLS certificate: Issued by R3 on October 28th 2021. Valid for: 3 months.
This is the only time tracking.s24.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 81.17.18.198 51852 (PLI-AS)
2 2 173.192.101.30 36351 (SOFTLAYER)
5 100.20.247.146 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 3 2a00:12c0:101... 47215 (FILOO-ASN...)
1 2606:4700:20:... ()
10 6
2    81.17.18.198 (Zurich, Switzerland)

ASN51852 (PLI-AS, PA)
paradmountplus.com
2    173.192.101.30 (Dallas, United States)

ASN36351 (SOFTLAYER, US)
PTR: 1e.65.c0ad.ip4.static.sl-reverse.com
beta.mybestdl.com
5    100.20.247.146 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-100-20-247-146.us-west-2.compute.amazonaws.com
click.cartageous.de
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:12c0:101b:200::19 (Germany)

ASN47215 (FILOO-ASN Rhedaer Strasse 25, DE)
tracking.s24.com
1    2606:4700:20::681a:d38 (None, )

ASN- ()
wickey.de
Domain Requested by
5 click.cartageous.de paradmountplus.com
click.cartageous.de
3 tracking.s24.com 2 redirects click.cartageous.de
2 beta.mybestdl.com 2 redirects
2 paradmountplus.com 1 redirects
1 wickey.de
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com click.cartageous.de
10 7

This site contains no links.

Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.s24.com
R3		 2021-10-28 -
2022-01-26		 3 months crt.sh
wickey.de
Cloudflare Inc ECC CA-3		 2021-07-18 -
2022-07-17		 a year crt.sh

This page contains 1 frames:

Frame: https://wickey.de/spielturm-mit-schaukel-ghostflyer?s24clid=7a8385c4-2793-4628-a483-d5cc07a9e908
Frame ID: E3509C0D3557E6862BBC32301FA3ACDB
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://paradmountplus.com/ Page URL
  2. http://paradmountplus.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYzODg... HTTP 302
    https://beta.mybestdl.com/aS/feedclick?s=mC6s-PqgY78S8msa2ReE9Y8uDhK_8R6jT46ZjpstHTZv70XeqvOOcGPzN2c9f... HTTP 302
    https://beta.mybestdl.com/adServe/domainClick?ai=W6LwHsBtbbFZTZAUAWurt23RjwjhypmEnShBZ5orUqF6NspMk0H1D... HTTP 302
    http://click.cartageous.de/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=5152&env=2&subid=ch_440879457|010_1... Page URL
  3. https://tracking.s24.com/v3/clickout/10118d8c/5152/1711595525/1214a72276c20ad22f29b3f95b6ac199a8b361e... HTTP 303
    https://tracking.s24.com/v3/proceed?cor_b=CiQ3YTgzODVjNC0yNzkzLTQ2MjgtYTQ4My1kNWNjMDdhOWU5MDgaCDEwMTE... Page URL

Page Statistics

10
Requests

40 %
HTTPS

57 %
IPv6

7
Domains

7
Subdomains

6
IPs

3
Countries

81 kB
Transfer

132 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://paradmountplus.com/ Page URL
  2. http://paradmountplus.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYzODg0NzY0OCwiaWF0IjoxNjM4ODQwNDQ4LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycXY1OWQycmJlMzZuZ21vdTQwdHA2bWgiLCJuYmYiOjE2Mzg4NDA0NDgsInRzIjoxNjM4ODQwNDQ4MDEyOTI2fQ.WM9tLTUdnMY2EP3m5MVPQ-1NftZrUlDWFOB6mdcw8c4&sid=d6f863ea-56fc-11ec-873f-13dc365dce49 HTTP 302
    https://beta.mybestdl.com/aS/feedclick?s=mC6s-PqgY78S8msa2ReE9Y8uDhK_8R6jT46ZjpstHTZv70XeqvOOcGPzN2c9f2E7_vAN-6p8GpmDZG8TCuTZ6pDoEwlyap2kr-2eUCFHrhfcJxlZW-5uJIEuNUA2E24QBMrI14PCQDSYxCCC1v91e11jqZ8a8jZcTfcnEUO6Ar27P7MKX-V7bKtF7xQBdhQPDoXJRiu1o-FBtJhcpC56tcFbxEA2qB5Nx_24rtXwAZ_GQMPVE79bNE__VSEUf57RILddqDLJkHnH8RDWDUIARt5nXfkqiWBJURYPneJYazGre0w1U7CJganrb0ZwiD9Ijt9Z68zxYMbWrJt_KmnLdkVfzJlqEQ4jp_cm_vL0n74FMA3neAUDn4xzEgtRZIILPRUXCJbQvdkMzRo0jpnwObyoy6FRrtCwX3o5-AiqYvlxAXUj4Tki-5EonCrIRrocfywx3XSZarIyqNh5VolQ2nyTW8Jqhu0OipzCM5E5uUNPVLKkRO1eyHQKVaD8Pet_3wssZQQXk__KtziJ5s3dLK-PWv5uoY33F7kSGJ3Qk4ffVtcwLECfPOUsjnswtNhldb9qY0nsNU66DBRE5zG904MOdEF6uudwh9U5F8IkmLI_pyR_6311BZzXF1QAtqOhvRkgz7WnCazXva3xOxHNnic3lbrlb2mpSQH9SdCBBJjq_J0dHZhb-_VBUIeBv2gTvaQgjP0HYFEbD6fIUO17_-XVaQv4lm9f3QgiygOpPGlwkhKBDgKN5tAWD32hb3DwdP7ROhGdrRNWRPYhJ8fIFprM2V0N_wOP2fh27XMhO1lpAeVw3obpcjEwyDABdOuDhaG8Qvm-2RF6Z0ftmqQ6EZ1HbYpraAphrTO1Fo8GX2wqPIWHZpNaBplLX2qkMOmW_tJrSvI_Y6GEEy4yagHTAmHLcPKS6SP6nIcT1_em9XckD7V3CU3nEB2Jxf7hiiIX_YvEVyAT4mhwuhGdTuTWQ7jTsfzhqxLBt02uuGMCzpgtQTt4n7LjuBPV9wGELAqQBJ96XZxkqEKR0wOys_X6PeJip01C8trXkIE3rD_YYcRg0R1huLlliAlxsKB_LBxyDMWDEcIrEsluFClVyyFIA6tqCJWlIXuPiXimj-ytXsIJhccXI35do1o0ZQWr8yGfTnmBlX7ANpOYVvUw1clbUf-pfxjMf89mi2L-4COsWdTlIP5ptT_pYgSgKIPEt-pdF_w2aqpZ33FLyUZ9RAQQf0HGo2K-Z1nLT5dYLylUmUu7QMRllctcG7apC8cq1J8jmDv6U5wu6wb431qwotRCUtACDN79n2werXtVVrcM9JHGvVQvdff3OQE2xiX2PKhqpXEEx4ojMw6pbRkmbs92qaMhDqf7kErm1wBg8gd-QY0X_DZqqlnfcaWo-nh4xU9_Ve2FF4nvRU6dKEFnmitSoYGWiz08qQCac8yX2Snvt6Xgcm6cqkr2IWLVgdel1a95j48gcBvAR5ZlkkLEB146pQ HTTP 302
    https://beta.mybestdl.com/adServe/domainClick?ai=W6LwHsBtbbFZTZAUAWurt23RjwjhypmEnShBZ5orUqF6NspMk0H1DwOLY7kfswAKSk08W05h-emNxJp1KMxTL4f18T9CpHqCT2L9NFyVXF55Q47z-CV1ol2k4XVJzHJXDtUxEzFWDtOdKEFnmitSoUv7EJ8xQviaeyZeB4t_supTBwMhm0U8qBah0mgkUTJVLhMLprP_OHTt45ZgHquZZEnQZ9PqscGDIDSqf8QcMmWpTNp5iFKPCjjDN7hxoakO8B0PF81k4VXFZ8E78-CR_0uP2HF_RImTS1V9Rt9xcBTZ2BGyX9whJ2HNq8kR-jp6x5WrgZj24V0RITLTjXCCEysCBXZHi5sjKH7xdaNgjm69nS2-sDJzXVWQdFTAZXOx7j-HGqYGJ1nfj8RQEHtPdbkcEcAYjxpLVvRUTW0wKKat3Q5wgRfquX7SXsGEDQB4&ui=mC6s-PqgY78S8msa2ReE9fbWwvziNp_1xLgNeF8Zj-jGvVQvdff3OeqOOvy8btWVBvpmn4bxlptETDsn9XJMWMMsTXVrLFRiwpfA7g74uNX7ycxXMxr2Xg&si=1&oref=7e15c1fc0c26991f42d015dfe9f7445b&optunit=A3_evZbIHakxiK9fED88P9sQi3LD6Kuu&rb=bBYvYlMrmMM&rr=1&abtg=0 HTTP 302
    http://click.cartageous.de/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=5152&env=2&subid=ch_440879457|010_1_inf_df_s24_de_merchant_Wickey|&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN_010_440879457%26utm_medium%3Dcpc%26utm_term%3D%26utm_content%3Ds24_C_DE%26utm_campaign%3Dm_Wickey Page URL
  3. https://tracking.s24.com/v3/clickout/10118d8c/5152/1711595525/1214a72276c20ad22f29b3f95b6ac199a8b361ed?s24cid=802921088 HTTP 303
    https://tracking.s24.com/v3/proceed?cor_b=CiQ3YTgzODVjNC0yNzkzLTQ2MjgtYTQ4My1kNWNjMDdhOWU5MDgaCDEwMTE4ZDhjIKAoKIXAk7AGMgk4MDI5MjEwODhA5ICDlNkvSiA2Y1kwN0NteFoxMTBpOXNKWEVxM2t6aFhUNlo1MHFtUFJyTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk2LjAuNDY2NC40NSBTYWZhcmkvNTM3LjM2WhQyMDAxOmFjODozNjo2OjIwODo6MWIbaHR0cDovL2NsaWNrLmNhcnRhZ2VvdXMuZGUvggEkNGVhYWFjZTctNzg0ZC00NGQwLWFmMzktYjZjYzk4ZjBmM2QzkAEA&cor_h=iizHjyM79dRaq6yrAMFtGjL0dFebozYc8roj6qvyWLY%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://paradmountplus.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYzODg0NzY0OCwiaWF0IjoxNjM4ODQwNDQ4LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycXY1OWQycmJlMzZuZ21vdTQwdHA2bWgiLCJuYmYiOjE2Mzg4NDA0NDgsInRzIjoxNjM4ODQwNDQ4MDEyOTI2fQ.WM9tLTUdnMY2EP3m5MVPQ-1NftZrUlDWFOB6mdcw8c4&sid=d6f863ea-56fc-11ec-873f-13dc365dce49 HTTP 302
  • https://beta.mybestdl.com/aS/feedclick?s=mC6s-PqgY78S8msa2ReE9Y8uDhK_8R6jT46ZjpstHTZv70XeqvOOcGPzN2c9f2E7_vAN-6p8GpmDZG8TCuTZ6pDoEwlyap2kr-2eUCFHrhfcJxlZW-5uJIEuNUA2E24QBMrI14PCQDSYxCCC1v91e11jqZ8a8jZcTfcnEUO6Ar27P7MKX-V7bKtF7xQBdhQPDoXJRiu1o-FBtJhcpC56tcFbxEA2qB5Nx_24rtXwAZ_GQMPVE79bNE__VSEUf57RILddqDLJkHnH8RDWDUIARt5nXfkqiWBJURYPneJYazGre0w1U7CJganrb0ZwiD9Ijt9Z68zxYMbWrJt_KmnLdkVfzJlqEQ4jp_cm_vL0n74FMA3neAUDn4xzEgtRZIILPRUXCJbQvdkMzRo0jpnwObyoy6FRrtCwX3o5-AiqYvlxAXUj4Tki-5EonCrIRrocfywx3XSZarIyqNh5VolQ2nyTW8Jqhu0OipzCM5E5uUNPVLKkRO1eyHQKVaD8Pet_3wssZQQXk__KtziJ5s3dLK-PWv5uoY33F7kSGJ3Qk4ffVtcwLECfPOUsjnswtNhldb9qY0nsNU66DBRE5zG904MOdEF6uudwh9U5F8IkmLI_pyR_6311BZzXF1QAtqOhvRkgz7WnCazXva3xOxHNnic3lbrlb2mpSQH9SdCBBJjq_J0dHZhb-_VBUIeBv2gTvaQgjP0HYFEbD6fIUO17_-XVaQv4lm9f3QgiygOpPGlwkhKBDgKN5tAWD32hb3DwdP7ROhGdrRNWRPYhJ8fIFprM2V0N_wOP2fh27XMhO1lpAeVw3obpcjEwyDABdOuDhaG8Qvm-2RF6Z0ftmqQ6EZ1HbYpraAphrTO1Fo8GX2wqPIWHZpNaBplLX2qkMOmW_tJrSvI_Y6GEEy4yagHTAmHLcPKS6SP6nIcT1_em9XckD7V3CU3nEB2Jxf7hiiIX_YvEVyAT4mhwuhGdTuTWQ7jTsfzhqxLBt02uuGMCzpgtQTt4n7LjuBPV9wGELAqQBJ96XZxkqEKR0wOys_X6PeJip01C8trXkIE3rD_YYcRg0R1huLlliAlxsKB_LBxyDMWDEcIrEsluFClVyyFIA6tqCJWlIXuPiXimj-ytXsIJhccXI35do1o0ZQWr8yGfTnmBlX7ANpOYVvUw1clbUf-pfxjMf89mi2L-4COsWdTlIP5ptT_pYgSgKIPEt-pdF_w2aqpZ33FLyUZ9RAQQf0HGo2K-Z1nLT5dYLylUmUu7QMRllctcG7apC8cq1J8jmDv6U5wu6wb431qwotRCUtACDN79n2werXtVVrcM9JHGvVQvdff3OQE2xiX2PKhqpXEEx4ojMw6pbRkmbs92qaMhDqf7kErm1wBg8gd-QY0X_DZqqlnfcaWo-nh4xU9_Ve2FF4nvRU6dKEFnmitSoYGWiz08qQCac8yX2Snvt6Xgcm6cqkr2IWLVgdel1a95j48gcBvAR5ZlkkLEB146pQ HTTP 302
  • https://beta.mybestdl.com/adServe/domainClick?ai=W6LwHsBtbbFZTZAUAWurt23RjwjhypmEnShBZ5orUqF6NspMk0H1DwOLY7kfswAKSk08W05h-emNxJp1KMxTL4f18T9CpHqCT2L9NFyVXF55Q47z-CV1ol2k4XVJzHJXDtUxEzFWDtOdKEFnmitSoUv7EJ8xQviaeyZeB4t_supTBwMhm0U8qBah0mgkUTJVLhMLprP_OHTt45ZgHquZZEnQZ9PqscGDIDSqf8QcMmWpTNp5iFKPCjjDN7hxoakO8B0PF81k4VXFZ8E78-CR_0uP2HF_RImTS1V9Rt9xcBTZ2BGyX9whJ2HNq8kR-jp6x5WrgZj24V0RITLTjXCCEysCBXZHi5sjKH7xdaNgjm69nS2-sDJzXVWQdFTAZXOx7j-HGqYGJ1nfj8RQEHtPdbkcEcAYjxpLVvRUTW0wKKat3Q5wgRfquX7SXsGEDQB4&ui=mC6s-PqgY78S8msa2ReE9fbWwvziNp_1xLgNeF8Zj-jGvVQvdff3OeqOOvy8btWVBvpmn4bxlptETDsn9XJMWMMsTXVrLFRiwpfA7g74uNX7ycxXMxr2Xg&si=1&oref=7e15c1fc0c26991f42d015dfe9f7445b&optunit=A3_evZbIHakxiK9fED88P9sQi3LD6Kuu&rb=bBYvYlMrmMM&rr=1&abtg=0 HTTP 302
  • http://click.cartageous.de/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=5152&env=2&subid=ch_440879457|010_1_inf_df_s24_de_merchant_Wickey|&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN_010_440879457%26utm_medium%3Dcpc%26utm_term%3D%26utm_content%3Ds24_C_DE%26utm_campaign%3Dm_Wickey
Request Chain 8
  • https://tracking.s24.com/v3/commit?cor_b=CiQ3YTgzODVjNC0yNzkzLTQ2MjgtYTQ4My1kNWNjMDdhOWU5MDgaCDEwMTE4ZDhjIKAoKIXAk7AGMgk4MDI5MjEwODhA5ICDlNkvSiA2Y1kwN0NteFoxMTBpOXNKWEVxM2t6aFhUNlo1MHFtUFJyTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk2LjAuNDY2NC40NSBTYWZhcmkvNTM3LjM2WhQyMDAxOmFjODozNjo2OjIwODo6MWIbaHR0cDovL2NsaWNrLmNhcnRhZ2VvdXMuZGUvggEkNGVhYWFjZTctNzg0ZC00NGQwLWFmMzktYjZjYzk4ZjBmM2QzkAEA&cor_h=iizHjyM79dRaq6yrAMFtGjL0dFebozYc8roj6qvyWLY%3D HTTP 303
  • https://wickey.de/spielturm-mit-schaukel-ghostflyer?s24clid=7a8385c4-2793-4628-a483-d5cc07a9e908

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
paradmountplus.com/ 		474 B
836 B 		Document
General
Check archive.org
Download Go to
Full URL
http://paradmountplus.com/
Protocol
HTTP/1.1
Server
81.17.18.198 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
474
content-type
text/html; charset=utf-8
date
Tue, 07 Dec 2021 01:27:27 GMT
server
nginx
/
click.cartageous.de/
Redirect Chain
  • http://paradmountplus.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYzODg0NzY0OCwiaWF0IjoxNjM4ODQwNDQ4LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycXY1OWQycmJlMzZuZ21vdTQwdH...
  • https://beta.mybestdl.com/aS/feedclick?s=mC6s-PqgY78S8msa2ReE9Y8uDhK_8R6jT46ZjpstHTZv70XeqvOOcGPzN2c9f2E7_vAN-6p8GpmDZG8TCuTZ6pDoEwlyap2kr-2eUCFHrhfcJxlZW-5uJIEuNUA2E24QBMrI14PCQDSYxCCC1v91e11jqZ8a...
  • https://beta.mybestdl.com/adServe/domainClick?ai=W6LwHsBtbbFZTZAUAWurt23RjwjhypmEnShBZ5orUqF6NspMk0H1DwOLY7kfswAKSk08W05h-emNxJp1KMxTL4f18T9CpHqCT2L9NFyVXF55Q47z-CV1ol2k4XVJzHJXDtUxEzFWDtOdKEFnmitS...
  • http://click.cartageous.de/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=5152&env=2&subid=ch_440879457|010_1_inf_df_s24_de_merchant_Wickey|&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DB...
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://click.cartageous.de/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=5152&env=2&subid=ch_440879457|010_1_inf_df_s24_de_merchant_Wickey|&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN_010_440879457%26utm_medium%3Dcpc%26utm_term%3D%26utm_content%3Ds24_C_DE%26utm_campaign%3Dm_Wickey
Requested by
Host: paradmountplus.com
URL: http://paradmountplus.com/
Protocol
HTTP/1.1
Server
100.20.247.146 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-20-247-146.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
6d0947a2cdbbd9d18ae592564f8974c09907801172083218721bb5c270aadb86
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://paradmountplus.com/

Response headers

Date
Tue, 07 Dec 2021 01:27:29 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Origin
*
X-DNS-Prefetch-Control
off
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Download-Options
noopen
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
ETag
W/"bbf-LLtjDfVT6aDMZ72fHNONDEEHyQI"
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

server
nginx
date
Tue, 07 Dec 2021 01:27:29 GMT
content-length
0
location
http://click.cartageous.de?fct=true&psid=13237&auth=tJuNe&kw=&mfid=5152&env=2&subid=ch_440879457|010_1_inf_df_s24_de_merchant_Wickey|&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN_010_440879457%26utm_medium%3Dcpc%26utm_term%3D%26utm_content%3Ds24_C_DE%26utm_campaign%3Dm_Wickey
rt.min.js
click.cartageous.de/js/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://click.cartageous.de/js/rt.min.js
Requested by
Host: click.cartageous.de
URL: http://click.cartageous.de/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=5152&env=2&subid=ch_440879457|010_1_inf_df_s24_de_merchant_Wickey|&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN_010_440879457%26utm_medium%3Dcpc%26utm_term%3D%26utm_content%3Ds24_C_DE%26utm_campaign%3Dm_Wickey
Protocol
HTTP/1.1
Server
100.20.247.146 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-20-247-146.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ceb4764d20aaefd0ef7f0269451ddeeef80d4873c211a9fcf93da5c9aca64652
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://click.cartageous.de/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=5152&env=2&subid=ch_440879457|010_1_inf_df_s24_de_merchant_Wickey|&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN_010_440879457%26utm_medium%3Dcpc%26utm_term%3D%26utm_content%3Ds24_C_DE%26utm_campaign%3Dm_Wickey
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 07 Dec 2021 01:27:29 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
X-DNS-Prefetch-Control
off
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 07 Dec 2021 01:16:00 GMT
X-Frame-Options
SAMEORIGIN
ETag
W/"365e-17d9276379d"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=0
Accept-Ranges
bytes
landing.min.js
click.cartageous.de/js/ 		66 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://click.cartageous.de/js/landing.min.js
Requested by
Host: click.cartageous.de
URL: http://click.cartageous.de/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=5152&env=2&subid=ch_440879457|010_1_inf_df_s24_de_merchant_Wickey|&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN_010_440879457%26utm_medium%3Dcpc%26utm_term%3D%26utm_content%3Ds24_C_DE%26utm_campaign%3Dm_Wickey
Protocol
HTTP/1.1
Server
100.20.247.146 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-20-247-146.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d847109e96105ec05c66bf906afe2e498370ad4c363c1406d9c4a964f1188e31
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://click.cartageous.de/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=5152&env=2&subid=ch_440879457|010_1_inf_df_s24_de_merchant_Wickey|&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN_010_440879457%26utm_medium%3Dcpc%26utm_term%3D%26utm_content%3Ds24_C_DE%26utm_campaign%3Dm_Wickey
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 07 Dec 2021 01:27:30 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
X-DNS-Prefetch-Control
off
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 24 Nov 2021 09:37:54 GMT
X-Frame-Options
SAMEORIGIN
ETag
W/"107ea-17d514f0950"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=0
Accept-Ranges
bytes
css
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat&display=swap
Requested by
Host: click.cartageous.de
URL: http://click.cartageous.de/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=5152&env=2&subid=ch_440879457|010_1_inf_df_s24_de_merchant_Wickey|&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN_010_440879457%26utm_medium%3Dcpc%26utm_term%3D%26utm_content%3Ds24_C_DE%26utm_campaign%3Dm_Wickey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
afbb224757994ccc20b0ab6ceb60eab144cd8825a392613861045e393632ec81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://click.cartageous.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 23:59:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 07 Dec 2021 01:27:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Dec 2021 01:27:29 GMT
bcloader.gif
click.cartageous.de/images/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://click.cartageous.de/images/bcloader.gif
Requested by
Host: click.cartageous.de
URL: http://click.cartageous.de/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=5152&env=2&subid=ch_440879457|010_1_inf_df_s24_de_merchant_Wickey|&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN_010_440879457%26utm_medium%3Dcpc%26utm_term%3D%26utm_content%3Ds24_C_DE%26utm_campaign%3Dm_Wickey
Protocol
HTTP/1.1
Server
100.20.247.146 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-20-247-146.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
6697a4e88a23706a4b0e2eada7b346b7e5839d71d07505987582f48e810784f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://click.cartageous.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 07 Dec 2021 01:27:30 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 24 Nov 2021 09:37:54 GMT
ETag
W/"6816-17d514f0950"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=0
Strict-Transport-Security
max-age=15552000; includeSubDomains
Accept-Ranges
bytes
X-DNS-Prefetch-Control
off
Content-Length
26646
X-XSS-Protection
1; mode=block
updateClickStatus
click.cartageous.de/ 		174 B
635 B 		Fetch
General
Check archive.org
Download Go to
Full URL
http://click.cartageous.de/updateClickStatus
Requested by
Host: click.cartageous.de
URL: http://click.cartageous.de/js/landing.min.js
Protocol
HTTP/1.1
Server
100.20.247.146 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-20-247-146.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
30c5b4d494eae31af01958605462d6812b197c058f8618bc9efdf9e4a8de6698
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://click.cartageous.de/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=5152&env=2&subid=ch_440879457|010_1_inf_df_s24_de_merchant_Wickey|&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN_010_440879457%26utm_medium%3Dcpc%26utm_term%3D%26utm_content%3Ds24_C_DE%26utm_campaign%3Dm_Wickey
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

Date
Tue, 07 Dec 2021 01:27:31 GMT
X-Content-Type-Options
nosniff
ETag
W/"ae-9WzIFCzEBVb+2vTBU0lHWEi3M+U"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-DNS-Prefetch-Control
off
Vary
Accept-Encoding
Content-Length
174
X-XSS-Protection
1; mode=block
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://click.cartageous.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 15:40:37 GMT
x-content-type-options
nosniff
age
467213
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19844
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 01 Dec 2022 15:40:37 GMT
Primary Request proceed
tracking.s24.com/v3/
Redirect Chain
  • https://tracking.s24.com/v3/clickout/10118d8c/5152/1711595525/1214a72276c20ad22f29b3f95b6ac199a8b361ed?s24cid=802921088
  • https://tracking.s24.com/v3/proceed?cor_b=CiQ3YTgzODVjNC0yNzkzLTQ2MjgtYTQ4My1kNWNjMDdhOWU5MDgaCDEwMTE4ZDhjIKAoKIXAk7AGMgk4MDI5MjEwODhA5ICDlNkvSiA2Y1kwN0NteFoxMTBpOXNKWEVxM2t6aFhUNlo1MHFtUFJyTW96aWx...
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tracking.s24.com/v3/proceed?cor_b=CiQ3YTgzODVjNC0yNzkzLTQ2MjgtYTQ4My1kNWNjMDdhOWU5MDgaCDEwMTE4ZDhjIKAoKIXAk7AGMgk4MDI5MjEwODhA5ICDlNkvSiA2Y1kwN0NteFoxMTBpOXNKWEVxM2t6aFhUNlo1MHFtUFJyTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk2LjAuNDY2NC40NSBTYWZhcmkvNTM3LjM2WhQyMDAxOmFjODozNjo2OjIwODo6MWIbaHR0cDovL2NsaWNrLmNhcnRhZ2VvdXMuZGUvggEkNGVhYWFjZTctNzg0ZC00NGQwLWFmMzktYjZjYzk4ZjBmM2QzkAEA&cor_h=iizHjyM79dRaq6yrAMFtGjL0dFebozYc8roj6qvyWLY%3D
Requested by
Host: click.cartageous.de
URL: http://click.cartageous.de/js/landing.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:12c0:101b:200::19 , Germany, ASN47215 (FILOO-ASN Rhedaer Strasse 25, DE),
Reverse DNS
Software
/
Resource Hash
1cc75290d3a842de52596966f07b1e17d43f52e98c396976ce8f067445d27de5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://click.cartageous.de/

Response headers

content-language
de-DE
content-type
text/html;charset=UTF-8
date
Tue, 07 Dec 2021 01:27:30 GMT
etag
W/"03cc74689a91ff4dff76cd1905c10ee75"
p3p
CP="NOI DSP LAW NID CURa ADMa PSAa OUR LEG PUR COM NAV STA"
x-robots-tag
noindex, nofollow
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://cspreport.s24.com/;
strict-transport-security
max-age=31536000;
vary
Accept-Encoding Accept-Encoding
content-encoding
gzip

Redirect headers

cache-control
no-cache, no-store
content-language
de-DE
content-length
0
date
Tue, 07 Dec 2021 01:27:30 GMT
location
https://tracking.s24.com/v3/proceed?cor_b=CiQ3YTgzODVjNC0yNzkzLTQ2MjgtYTQ4My1kNWNjMDdhOWU5MDgaCDEwMTE4ZDhjIKAoKIXAk7AGMgk4MDI5MjEwODhA5ICDlNkvSiA2Y1kwN0NteFoxMTBpOXNKWEVxM2t6aFhUNlo1MHFtUFJyTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk2LjAuNDY2NC40NSBTYWZhcmkvNTM3LjM2WhQyMDAxOmFjODozNjo2OjIwODo6MWIbaHR0cDovL2NsaWNrLmNhcnRhZ2VvdXMuZGUvggEkNGVhYWFjZTctNzg0ZC00NGQwLWFmMzktYjZjYzk4ZjBmM2QzkAEA&cor_h=iizHjyM79dRaq6yrAMFtGjL0dFebozYc8roj6qvyWLY%3D
p3p
CP="NOI DSP LAW NID CURa ADMa PSAa OUR LEG PUR COM NAV STA"
x-robots-tag
noindex, nofollow
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://cspreport.s24.com/;
strict-transport-security
max-age=31536000;
spielturm-mit-schaukel-ghostflyer
wickey.de/
Redirect Chain
  • https://tracking.s24.com/v3/commit?cor_b=CiQ3YTgzODVjNC0yNzkzLTQ2MjgtYTQ4My1kNWNjMDdhOWU5MDgaCDEwMTE4ZDhjIKAoKIXAk7AGMgk4MDI5MjEwODhA5ICDlNkvSiA2Y1kwN0NteFoxMTBpOXNKWEVxM2t6aFhUNlo1MHFtUFJyTW96aWxs...
  • https://wickey.de/spielturm-mit-schaukel-ghostflyer?s24clid=7a8385c4-2793-4628-a483-d5cc07a9e908
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://wickey.de/spielturm-mit-schaukel-ghostflyer?s24clid=7a8385c4-2793-4628-a483-d5cc07a9e908
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d38 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
Origin
https://tracking.s24.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tracking.s24.com/

Response headers

date
Tue, 07 Dec 2021 01:27:36 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
content-security-policy-report-only
font-src *.gstatic.com 'unsafe-inline' data: *.fontawesome.com maxcdn.bootstrapcdn.com *.cloudflare.com *.bootstrapcdn.com *.cloudfront.net data: 'self' 'unsafe-inline'; form-action secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.ogone.com *.ingenico.com *.v-psp.com *.epdq.co.uk *.postfinance.ch *.paypage.be *.payengine.de *.eupayglobe.com *.tpvecommerce.es *.facebook.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https://www.google.com/recaptcha/ www.google.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.dotdigital-pages.com *.dotdigital.com cdn.dnky.co webchat.dotdigital.com *.ogone.com *.ingenico.com *.v-psp.com *.epdq.co.uk *.postfinance.ch *.paypage.be *.payengine.de *.eupayglobe.com *.tpvecommerce.es *.weltpixel.com *.facebook.com *.hotjar.com *.doubleclick.net *.cookieinformation.com squarelovin.com *.pinimg.com *.pinterest.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com www.paypalobjects.com t.paypal.com *.ftcdn.net *.behance.net www.paypal.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.gstatic.com *.googleapis.com d3sbl0c71oxeok.cloudfront.net dhkkzdfmpzvap.cloudfront.net d2bpzs5y44q6e0.cloudfront.net d37shgu97oizpd.cloudfront.net d1zlqll3enr74n.cloudfront.net d1jynp0fpwn93a.cloudfront.net d2cb3tokgpwh3v.cloudfront.net d1re8bfxx3pw6e.cloudfront.net d35u8xwkxs8vpe.cloudfront.net d13s9xffygp5o.cloudfront.net d388nbw0dwi1jm.cloudfront.net d11p2vtu3dppaw.cloudfront.net d3r89hiip86hka.cloudfront.net dc7snq0c8ipyk.cloudfront.net d5c7kvljggzso.cloudfront.net d2h8yg3ypfzua1.cloudfront.net d1b556x7apj5fb.cloudfront.net draz1ib3z71v2.cloudfront.net dr6hdp4s5yzfc.cloudfront.net d2bomicxw8p7ii.cloudfront.net d3aypcdgvjnnam.cloudfront.net d2a3iuf10348gy.cloudfront.net *.ssl-images-amazon.com *.ssl-images-amazon.co.uk *.ssl-images-amazon.co.jp *.ssl-images-amazon.jp *.ssl-images-amazon.it *.ssl-images-amazon.fr *.ssl-images-amazon.es *.ssl-images-amazon.de *.media-amazon.com *.media-amazon.co.uk *.media-amazon.co.jp *.media-amazon.jp *.media-amazon.it *.media-amazon.fr *.media-amazon.es *.media-amazon.de https://www.mollie.com *.cloudflare.com *.bing.com *.facebook.com *.linkedin.com *.pinterest.com *.google.com *.google.nl *.google.rs *.trustedshops.com *.wickey.nl wickey.nl *.adsymptotic.com *.squarelovin.com squarelovin.com *.azureedge.net *.google.de *.youtube.com *.wickey.de wickey.de data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com secure.authorize.net test.authorize.net www.googleadservices.com www.google-analytics.com www.paypalobjects.com js.braintreegateway.com www.paypal.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.sandbox.paypal.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ *.googleapis.com maps.googleapis.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com cdn.dnky.co webchat.dotdigital.com js.mollie.com https://www.googletagmanager.com tagmanager.google.com *.cloudflare.com *.twitter.com *.fontawesome.com *.bing.com *.wickey.nl wickey.nl *.trustedshops.com *.licdn.com *.pinimg.com *.hotjar.com *.facebook.net *.doubleclick.net *.google.com *.s24.com *.newrelic.com *.nr-data.net *.cloudflareinsights.com *.cookieinformation.com *.amazonaws.com userlike-cdn-widgets.s3-eu-west-1.amazonaws.com *.squarelovin.com squarelovin.com *.cloudfront.net *.userlike.com *.youtube.com *.wickey.de wickey.de 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com cdn.dnky.co webchat.dotdigital.com *.fontawesome.com maxcdn.bootstrapcdn.com tagmanager.google.com *.cloudflare.com *.bootstrapcdn.com squarelovin.com *.youtube.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com webchat.dotdigital.com *.ogone.com *.ingenico.com *.v-psp.com *.epdq.co.uk *.postfinance.ch *.paypage.be *.payengine.de *.eupayglobe.com *.tpvecommerce.es *.cloudflare.com *.doubleclick.net *.google-analytics.com *.pinterest.com *.wickey.nl wickey.nl *.hotjar.com *.hotjar.io *.facebook.com *.nr-data.net *.userlike.com *.youtube.com userlike-cdn-widgets.s3-eu-west-1.amazonaws.com *.wickey.de wickey.de 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
x-environment
Hipex/3 main Hipex/3 general
x-server
app-1
age
0
x-magento-cache-debug
MISS
pragma
no-cache
expires
-1
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hJtExL0uIVIaNLxdAUrw649lFo5E35o0OOj3gVmyRtyrSRWc6HdSdOntO8aUPCQ4Mgc%2BNxVmyXhugAg8W7xlyVDuFKec9F962W%2FaHvtzHwlX8LcnYMnzp%2FF4bpkhqRcw0L5%2FbaOVYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b99f8d4c8200f52-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

content-language
de-DE
content-length
0
date
Tue, 07 Dec 2021 01:27:31 GMT
location
https://wickey.de/spielturm-mit-schaukel-ghostflyer?s24clid=7a8385c4-2793-4628-a483-d5cc07a9e908
p3p
CP="NOI DSP LAW NID CURa ADMa PSAa OUR LEG PUR COM NAV STA"
x-robots-tag
noindex, nofollow
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://cspreport.s24.com/;
strict-transport-security
max-age=31536000;

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler

6 Cookies

Domain/Path Name / Value
.paradmountplus.com/ Name: sid
Value: d6f863ea-56fc-11ec-873f-13dc365dce49
.mybestdl.com/ Name: rhid
Value: 80259002123
.mybestdl.com/ Name: loi
Value: ad_1135726_off_580125_aff_11683_cid_185689-PARADMOUNTPLUS.COM_ts_1638840449
.s24.com/ Name: co-session
Value: 6cY07CmxZ110i9sJXEq3kzhXT6Z50qmP
.s24.com/ Name: s24uid
Value: 4eaaace7-784d-44d0-af39-b6cc98f0f3d3
.s24.com/ Name: co-revn
Value: H4sIAAAAAAAAAAXBIRKAIBAF0Att2A98WLJjMRkMSMWg4xAYi+PpfY+gEySAmXQUKGCHNYlt1zT1twJ65Wcp8/D3d5YtVuroqyB6s6CBQHI/u/3bu0cAAAA=